From ad451e7ebf4807d11148ff30fa335ad0d45217c4 Mon Sep 17 00:00:00 2001 From: "stepsecurity-int[bot]" <185740846+stepsecurity-int[bot]@users.noreply.github.com> Date: Thu, 5 Jun 2025 15:29:21 +0000 Subject: [PATCH] Apply security best practicesSigned-off-by: StepSecurity Bot --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index adb264e..30cfc19 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -32,7 +32,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@v2 + uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0 with: egress-policy: audit